In a “software as a service” (SaaS) or other cloud-based application or service, it is often necessary to securely distribute secrets to some entities/services within the SaaS system's cloud. It is also desirable to have a central management console/service and data repository where administrators can upload/configure and manage these secrets. It is sometimes challenging to securely store and distribute secrets stored on the system cloud because of vulnerabilities in the central management console, attempts to access secrets by entities for which the secret is not intended, and infiltration by third parties, among other things. Thus, there is a need to securely store and distribute sensitive data in a cloud-based application.